Another day, another MS cockup.
Nothing new here. Move along now.
An Azure Active Directory (AAD) misconfiguration by Microsoft in one of its own cloud-hosted applications could have allowed miscreants to subvert the IT giant's Bing search engine – even changing search results. User information including Outlook emails, calendars, and Teams messages was also left vulnerable to potential theft …
That's the MS 'way forward'. Right across their products there's been progressive elimination of the often essential confirmation prompt, resulting in a single click launching an event without verification. This policy has clearly reached a point where it's becoming actually dangerous. Maybe they'll rethink? probably not.
The problem is
a) With a GUI and a mindset that "administration is easy" people will tend to keep pressing submit and fill in the mimimun to make the submit button work
b) Wuth a GUI designer seem to always want to have a default for toggles like these. "Boss, what should the default be?"
With a command line, --single_tenant and --multi-tenant and having to BUILD the command people first list the available options and then THINK about selecting the options they need.
Also when people think about automating the process they already have the command to hand!
I have always been of the opion GUI's are GREAT for viewing (READ) not changing (WRITE).